[Zope-Perl] ZOPE DBI adapter
Gisle Aas
gisle@ActiveState.com
01 Sep 2000 17:49:50 +0200
Harry Danilevsky <hdanilevsky@siichi.com> writes:
> >
> > I guess so. Time find a way to extend the string with arbitrary
> > key/value pairs.
> >
> > Currently we have use:
> >
> > [ <username> [ ":" <password> ] "@" ] <dbi source spec>
> >
> > it would be tempting to change that into:
> >
> > <dbi source spec> ( ";" <key> "=" <value> )*
> >
> > but as the <dbi source spec> could actually use any chars it is hard
> > to know the there the spec string ends. The safe solution to that
> > would be to introduce escape sequences for writing literal ";" in the
> > source spec.
> >
> > We could perhaps also get away with ignoring escaping and something
> > like:
> >
> > <dbi source spec> [ ";" ( ";" <key> "=" <value> )+ ]
> >
> > i.e. that everything after ";;" are extra parameters to the connect
> > call. E.g.:
> >
> > dbi:Oracle:host=foo;sid=42;;username=foo;AutoCommit=0
> >
> > Other ideas?
> >
> > Regards,
> > Gisle
> >
>
> Why not use a string verbatim, and instead of calling DBI->connect as
> perl.callm,
> call perl.eval("""DBI->connect(".$connection_string.")""") (or whatever the
> correct python syntax is)
Sounds like a security risk.
Regards,
Gisle